pipeline {
    agent any

    // Explicitly define the tool to ensure it is available on the path.
    // The symbol 'dependency-check' usually corresponds to the OWASP Dependency-Check plugin tool type.
    tools { 
        'dependency-check' 'depcheck'
    }

    stages {
        stage('Security Scan') {
            steps {
                // Debug: Verify the tool is available and print version
                sh 'dependency-check.sh --version || echo "WARNING: dependency-check.sh not found in PATH"'

                // Run OWASP Dependency Check using the specific installation
                dependencyCheck additionalArguments: '--scan ./ --format ALL', odcInstallation: 'depcheck'
            }
        }
    }

    post {
        always {
            // Publish the results
            dependencyCheckPublisher pattern: 'dependency-check-report.xml'
            
            // Archive the reports
            archiveArtifacts allowEmptyArchive: true, artifacts: 'dependency-check-report.html'
        }
    }
}